[Ipsec-tools-users] IPcomp without IPsec

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

I want to use IPcomp, but without any kind of IPsec. My understanding
is that IPcomp (protocol-wise) has no dependency on IPsec, but from a
Linux tools perspective, I need to use the IPsec tools to configure
the kernel.

I've tried using setkey (from ipsec-tools 0.7) on my Ubuntu PC running
kernel 2.6.28 with the following config:

add 10.0.0.1 192.168.1.1 ipcomp 2010 -C deflate;
add 192.168.1.1 10.0.0.1 ipcomp 1020 -C deflate;

spdadd 150.132.87.148 192.168.1.1 any -P out ipsec ipcomp/transport//require;
spdadd 192.168.1.1 150.132.87.148 any -P in ipsec ipcomp/transport//require; 

But when I ping 192.168.1.1 from 10.0.0.1, no packets leave the
10.0.0.1 host.

Which mode (tunnel or transport, in the policy) should I be using? I
would like to select "none", but there isn't any such option. Is this
even possible to configure? Any help is appreciated.

Best regards,
     Mattias